WLAN SESSION MANAGEMENT TECHNIQUES WITH SECURE REKEYING AND 
LOGOFF 

This invention describes a scheme in which a wireless LAN (WLAN) user can maintain a 
secure session with the WLAN with periodic key update and secure logoff. Compared 
with existing session management mechanisms such as IEEE 802.1x, our mechanism has 
the following advantages: 

• It does not require an authentication server for key update. This is particularly 
useful when the authentication server is far away, such as in the WLAN-3G 
interworking scenario where it is desirable to limit the control traffic from the 
wireless user to the cellular network. It is also especially useful in application 
scenarios such as in a home environment, where an authentication server may not 
be available. Our mechanism would still allow key update to increase the security 
level. 

• Management information, in particular, logoff requests, is exchanged in a secure 
manner. In IEEE 802.1x, such information is sent in the clear. It is thus prone to 
attacks in which a hacker can log off an authenticated user even though the hacker 
does not have the session key. 

• It is particularly useful in web browser based public WLAN hot spot access 
solutions such as the one proposed in [1]. 

Once a user is authenticated by a WLAN, a secure session key is established and shared 
by the user and the WLAN. All subsequent communication will be encrypted using this 
session key. To prevent security attacks (e.g. attacks exploiting security holes in the IEEE 
802.11 WEP mechanism) and ensure strong security, the session key needs to be updated 
periodically. In IEEE 802.1x, the standard to be used for secure access control in 
WLANs, session key update relies on an authentication server. In essence, each time the 
key is updated, the user needs to go through the authentication steps similar to the initial 
authentication. As we discussed earlier, this can be quite inefficient in some cases and 
impossible in some application scenarios. In our scheme, once the user is authenticated 
and the session key is established, future key update no longer requires the participation 
of the authentication server. 



Management information exchange 

In our scheme, management information, such as key update or logoff requests, is 
encrypted with the same session key as the user data. Such information can be carried in 
special management frames or in regular data frames. 

Key update 

A simple form of local key update is to let the wireless user or the WLAN AP 
periodically (or based on the number of communicated frames/packets) initiate key 
refresh. Both the WLAN AP and the wireless user agree on a new key and start using this 
key. Since the key update communication between them is encrypted with the old key 
that is not known to an attacker, the new key should also be unknown to the attacker. 
However, this is based on the assumption that the old key is secure. If for some reason 
the old key is cracked by a hacker (e.g. the key update is not frequent enough), the hacker 
can then know all the subsequent keys. This is rather undesirable. 

To solve this problem, we use the following scheme: 

• During the user authentication phase, instead of installing one shared secret (the 
initial session key) on both the wireless user machine and the WLAN AP, two 
shared secrets are installed. One of them is used as the initial session key, the 
other is used as a secure seed. Since the initial authentication is secure, these two 
keys are not known to the attacker. The initial session key may eventually be 
cracked by the attacker. For example, if the initial session key is used as a WEP 
key, after a certain number of communication exchanges using the WEP key 
between the wireless user and the WLAN AP, the attacker may crack the key. 
However, the secure seed remains secure as it is not used in any insecure 
communication. 

• When a key update is necessary, a new key is generated and exchanged between 
the WLAN AP and the wireless user. Instead of directly using this new key, the 
AP and the wireless user use this new key together with the secure seed to 
generate the new session key. For example, the new session key may be generated 
by concatenating the secure seed with the new key, and then running the MD5 hash 
algorithm to generate a fixed string. Other mechanisms can also be used. Since 
the attacker does not have the secure seed, even if he can crack the old session 
key, he won't be able to get the new session key. 

Secure logoff 

As we discussed earlier, session logoff must be secure to prevent an attacker from 
logging off authenticated users. The IEEE 802.1x based scheme cannot provide secure 
logoff because the logoff request is carried in an unencrypted frame. In our scheme, the 
wireless user sends the logoff request as encrypted traffic. Further, the logoff request is 
accompanied by the secure seed. Thus even if the attacker cracks the session key, he still 
could not log off the authenticated user. Since the secure seed appears in the logoff 
request and will no longer be used (a new secure seed needs to be negotiated each time 
the user logs in), no harm can be done even if it is seen by the attacker. 
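
The key update and secure logoff steps described above, sketched as an added example that is not part of the original disclosure. The `Session` class, its method names and the HMAC-SHA-256 variant are assumptions made for illustration; encryption of the frames under the session key is left out, and the secrets are constructed sample values.

```python
import hashlib
import hmac
import secrets


class Session:
    """One side's view of the session state (hypothetical structure)."""

    def __init__(self, session_key: bytes, secure_seed: bytes):
        self.session_key = session_key   # protects traffic; may eventually be cracked
        self.secure_seed = secure_seed   # never used to protect traffic
        self.active = True

    def rekey(self, new_key: bytes, use_md5: bool = True) -> bytes:
        """Mix the exchanged new key with the secure seed."""
        if not self.active:
            raise RuntimeError("session closed")
        if use_md5:
            # The text's example: hash of (secure seed || new key).
            self.session_key = hashlib.md5(self.secure_seed + new_key).digest()
        else:
            # Assumed "other mechanism": HMAC-SHA-256 keyed by the seed.
            self.session_key = hmac.new(self.secure_seed, new_key, hashlib.sha256).digest()
        return self.session_key

    def logoff(self, presented_seed: bytes) -> bool:
        """Accept a logoff request only if it carries the secure seed."""
        if not self.active or not hmac.compare_digest(presented_seed, self.secure_seed):
            return False
        self.active = False
        self.secure_seed = b""  # seed is now exposed; a new one is negotiated at next login
        return True


def demo() -> dict:
    # Constructed sample secrets, standing in for those installed at authentication.
    k0, seed = secrets.token_bytes(16), secrets.token_bytes(16)
    user, ap = Session(k0, seed), Session(k0, seed)
    new_key = secrets.token_bytes(16)      # exchanged under the old session key
    in_sync = user.rekey(new_key) == ap.rekey(new_key)
    # Attacker model from the text: old session key cracked, so new_key is readable.
    attacker_guess = hashlib.md5(k0 + new_key).digest()
    forged = ap.logoff(k0)                 # attacker has no seed
    genuine = ap.logoff(seed)
    replayed = ap.logoff(seed)             # the seed is single-use
    return {"in_sync": in_sync, "attacker_has_key": attacker_guess == ap.session_key,
            "forged": forged, "genuine": genuine, "replayed": replayed}
```
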

Conclusion 

The proposed mechanism provides secure wireless session with secure local key update 
and secure logoff. These features are not available in the current wireless LAN solutions 
such as IEEE 802.1x. They provide low-overhead, strong security solutions to all kinds of 
wireless LAN environments, from homes and enterprises to public WLAN hot spots. 